Tibor Jager, Juraj Somorovsky, Meiko Jensen, and Jorg Schwenk
described an attack technique against W3C XML Encryption Standard,
when the block ciphers were used in cipher-block chaining (CBC)
mode of operation. A remote attacker, aware of a cryptographic
weakness of the CBC mode could use this flaw to conduct
chosen-ciphertext attacks, leading to the recovery of the entire
plaintext of a particular cryptogram by examining of the differences
between SOAP responses, sent from JBossWS, J2EE Web Services server.

There is no (immediate) security "fix" for this issue, as it is an
attack on the standard itself. However, the attack can be prevented by
using a symmetric algorithm such as AES-128 or AES-256 with GCM. Until
the WS-SecurityPolicy specification is updated to support GCM, Apache
CXF has defined its own AlgorithmSuite policies to use GCM algorithms.
These AlgorithmSuites are called "Basic128GCM", "Basic192GCM" and
"Basic256GCM" in the namespace
"http://cxf.apache.org/custom/security-policy". See here for more
details about how to use these policies: